Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add rate limiting on IP #6

Open
kennygrant opened this issue Oct 20, 2015 · 2 comments
Open

Add rate limiting on IP #6

kennygrant opened this issue Oct 20, 2015 · 2 comments
Labels
enhancement help wanted

Comments

@kennygrant
Copy link
Contributor

Add rate limiting with IP as a filter. Possibly allow config of max tries per IP, and timeout between sets of tries, either in config file or in the code for the middleware (to avoid bloating the config with too many options).
@pankajagarwal
Copy link

Shouldn't this be handled at nginx or haproxy or LB level. one level above the real application. I mean this might be a thing you wouldn't want in a large deployment handling heavy traffic where the requests to the app server will come from load balancers.

@kennygrant
Copy link
Contributor Author

It would definitely be optional, and in larger apps you're right it would be at a higher level, but might be useful in smaller apps to have this ability to avoid naive DOS attacks.

My end goal here is to have an application that is one binary and can be deployed anywhere with zero dependencies, but which you can scale out with a database/load balancer etc separately if required. So this isn't really a high priority item, just a note for later.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kennygrant @pankajagarwal